Two more Southern California hospitals have been attacked by hackers who infiltrated their computer systems with ransomware and demanded payment to unlock the data, officials said.
Chino Valley Medical Center in Chino and Desert Valley Hospital of Victorville, both part of Prime Healthcare Services Inc., had their computer system compromised on Friday by a cyber attack. The cases are now part of an ongoing FBI probe, bureau spokeswoman Laura Eimiller said.
According to sources familiar with the ongoing investigation, the hackers got into one of the hospital’s computers and then spread a malware program that encrypts the data on computers. The hackers then demanded a ransom, typically in a cyber currency, to unlock the servers, according to the sources.
A similar hack occurred this year at Hollywood Presbyterian Hospital, and the hospital paid about $17,000 in bitcoins to get the keys back to its computer servers.
Fred Ortega, a spokesman for Prime Healthcare, acknowledged the attack and said that in the latest attacks, "nothing was paid and no patient or employee data was compromised" at either Desert Valley or Chino Hills medical facilities. He said technology specialists were able to limit the attack.
The hospitals, he said, remain operational, and the majority of the operations continued as managers took steps to restore the systems to full functionality.
“This is similar to challenges hospitals across the country are facing, and we have taken extraordinary steps to protect and expeditiously find a resolution to this disruption,” Ortega said. Chino Valley is a 126-bed community hospital, and Desert Valley is a 148-bed acute care facility.
Institutions including a Boston-area police department, a Maine sheriff’s office and an Arizona newspaper have fallen victim to ransomware attacks in recent years. Law enforcement officials and cyber security companies say they are seeing an uptick in these cyber attacks on both private businesses and public institutions.
Though some like the hospital case make national headlines, many attacks occur without any publicity — and with the victims ultimately agreeing to pay. Often, businesses conclude paying the ransom is the quickest and most efficient way to get their data back.
FBI’s Eimiller said the bureau does not recommend paying a ransom.
The malware locks the victim's computer to prevent access to the data or starts to spread the virus to the institution's computers and shuts them all down. The goal of these hackers, said security expert Phil Lieberman, is not to steal data but to merely lock it in place and take away the key.
For SoCal crime & investigations follow me on Twitter @lacrimes.